LuminHive handles calls, leads and customer records for your business. Here is exactly how that data is separated, stored and protected — in plain terms, with no security theatre.

Tenant isolation

Every business on LuminHive is a separate tenant. No customer can read another customer's data, and that is enforced by the database itself rather than by application code that could be bypassed.

Where your data lives

Your data is stored in the United Kingdom (London region). It is encrypted in transit with TLS and encrypted at rest by our infrastructure provider.

Payments

Card payments are processed by Stripe. Card numbers never reach LuminHive's servers and we do not store them. Stripe is a PCI-DSS Level 1 certified service provider.

Access and credentials

Data protection and your rights

LuminHive is built for UK GDPR, EU GDPR and the California CCPA/CPRA. The platform includes a self-service data deletion flow, and you can export or erase your business's data on request. Full detail is in our Privacy Policy.

What we do not claim

LuminHive is not currently SOC 2 or ISO 27001 certified. We would rather tell you that than imply a certification we do not hold. If your procurement process needs a security questionnaire or a Data Processing Agreement, email us and we will complete it.

Reporting a vulnerability

If you believe you have found a security issue, please email hello@lumin-hive.com with the details. We will acknowledge your report and keep you updated while we investigate. Please do not publicly disclose an issue before we have had a chance to fix it.

Ask us a security question